/* inner token types and flags */
#define ITOK_TYPE_NONE 0x00000000
-#define ITOK_TYPE_CONTEXT_ERR 0x00000001
-#define ITOK_TYPE_ACCEPTOR_NAME_REQ 0x00000002
-#define ITOK_TYPE_ACCEPTOR_NAME_RESP 0x00000003
-#define ITOK_TYPE_EAP_RESP 0x00000004
-#define ITOK_TYPE_EAP_REQ 0x00000005
-#define ITOK_TYPE_GSS_CHANNEL_BINDINGS 0x00000006
-#define ITOK_TYPE_REAUTH_CREDS 0x00000007
-#define ITOK_TYPE_REAUTH_REQ 0x00000008
-#define ITOK_TYPE_REAUTH_RESP 0x00000009
-#define ITOK_TYPE_VERSION_INFO 0x0000000A
-#define ITOK_TYPE_VENDOR_INFO 0x0000000B
+#define ITOK_TYPE_CONTEXT_ERR 0x00000001 /* critical */
+#define ITOK_TYPE_ACCEPTOR_NAME_REQ 0x00000002 /* TBD */
+#define ITOK_TYPE_ACCEPTOR_NAME_RESP 0x00000003 /* TBD */
+#define ITOK_TYPE_EAP_RESP 0x00000004 /* critical, required, if not reauth */
+#define ITOK_TYPE_EAP_REQ 0x00000005 /* critical, required, if not reauth */
+#define ITOK_TYPE_GSS_CHANNEL_BINDINGS 0x00000006 /* critical, required, if not reauth */
+#define ITOK_TYPE_REAUTH_CREDS 0x00000007 /* optional */
+#define ITOK_TYPE_REAUTH_REQ 0x00000008 /* optional */
+#define ITOK_TYPE_REAUTH_RESP 0x00000009 /* optional */
+#define ITOK_TYPE_VERSION_INFO 0x0000000A /* optional */
+#define ITOK_TYPE_VENDOR_INFO 0x0000000B /* optional */
#define ITOK_FLAG_CRITICAL 0x80000000 /* critical, wire flag */
#define ITOK_FLAG_VERIFIED 0x40000000 /* verified, API flag */
#define GSSEAP_STATE_NEXT(s) ((s) << 1)
+#define GSSEAP_SM_STATE(ctx) ((ctx)->state)
+
#ifdef GSSEAP_DEBUG
void gssEapSmTransition(gss_ctx_id_t ctx, enum gss_eap_state state);
#define GSSEAP_SM_TRANSITION(ctx, state) gssEapSmTransition((ctx), (state))
#define GSSEAP_SM_TRANSITION(ctx, state) do { (ctx)->state = (state); } while (0)
#endif
-#define GSSEAP_SM_TRANSITION_NEXT(ctx) GSSEAP_SM_TRANSITION((ctx), GSSEAP_STATE_NEXT((ctx)->state))
+#define GSSEAP_SM_TRANSITION_NEXT(ctx) GSSEAP_SM_TRANSITION((ctx), GSSEAP_STATE_NEXT(GSSEAP_SM_STATE((ctx))))
/* state machine entry */
struct gss_eap_sm {
#define SM_FLAG_FORCE_SEND_TOKEN 0x00000001 /* send token even if empty */
#define SM_FLAG_STOP_EVAL 0x00000002 /* no more handlers for this state */
+#define SM_FLAG_RESTART 0x00000004 /* restart state machine */
#define SM_ITOK_FLAG_CRITICAL 0x00000001 /* sent tokens marked critical */
#define SM_ITOK_FLAG_REQUIRED 0x00000002 /* received tokens must be present */